5e48f776c92a65aef2de40888c2ef11c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5e48f776c92a65aef2de40888c2ef11c_JaffaCakes118
Size

168KB
MD5

5e48f776c92a65aef2de40888c2ef11c
SHA1

9b272388c06874e1bbbc0e0e5697c61872ed1085
SHA256

1c5ad73177312f683ad838d65f98e4da16507634ad09371f54d6e5df87d9cc81
SHA512

8b7aa83f15d4b745bbee208b13d1c5be946ef44ca9709d8ed66273cdf764f8408989ff52144fcb61790e4582c6b4e25a3f3083e2c171f5253a8e15d020a2125f
SSDEEP

3072:KKscsGpCP8Sx2RQUAaUppfXguutv0YPr/s5wkUAVeFDAtVHp6NJ2Xo6fPMK+3SO1:jscLpCP8S8RQogQuavHrIZUseFDQVHpe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e48f776c92a65aef2de40888c2ef11c_JaffaCakes118

Files

5e48f776c92a65aef2de40888c2ef11c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40b13b6efd7e45d104d523d8f8cb9bd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
DeleteFileW
Sleep
GetCurrentThreadId
GetTickCount
GetLastError
CopyFileW
GetSystemDirectoryA
CreateEventA
GlobalMemoryStatus
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFilePointer
CloseHandle
SetEndOfFile
WriteFile
ReadFile
GetFileSize
CreateFileA
RemoveDirectoryA
MoveFileA
FindNextFileA
FindFirstFileA
TlsGetValue
TlsSetValue
TlsAlloc
GetLocalTime
GetModuleHandleA
GetStartupInfoA

user32

GetWindowLongA
GetAsyncKeyState
DefWindowProcA
GetClassNameA
CallNextHookEx
GetMessagePos
KillTimer
SetTimer
GetWindowRect
GetDoubleClickTime
GetClassInfoExA
FindWindowA
CreateWindowExA
DrawTextA
SetParent
GetSystemMetrics
GetForegroundWindow
GetClientRect
SendMessageA
PostMessageA
GetDesktopWindow
GetWindowThreadProcessId
DispatchMessageA
CreateDialogIndirectParamA
DialogBoxIndirectParamA
IsWindowEnabled
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
CheckMenuRadioItem
CheckMenuItem
RegisterHotKey
InflateRect
ClientToScreen
InsertMenuItemA
IntersectRect
IsDialogMessageA
SetCursor

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterSurrogate
CoRevokeClassObject
OleUninitialize
OleInitialize

msvcrt

__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strcmp
malloc
calloc
free
fopen
fseek
fread
fclose
memmove
strncmp
atoi
strchr
__set_app_type
_except_handler3
_controlfp
__p__commode

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40b13b6efd7e45d104d523d8f8cb9bd4

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 35KB - Virtual size: 421KB

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 35KB - Virtual size: 421KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 5KB - Virtual size: 5KB